1. Field of the Invention
The present invention relates generally to security, and specifically, to verifiable digital signatures.
2. Description of the Related Art
With the advancement of technology, the Internet is becoming more and more an integral part of our personal and professional lives. The Internet is heavily depended on for transmitting and receiving messages and documents via electronic mail. In a setting where a document is a legally and binding contract, the recipient must determine the identity of the person sending the document, and whether that person is authorized to bind the entity that the person is representing to a legal contract. The recipient must also ensure that the sender cannot later deny agreeing to the content(s) of the document (typically referred to as non-repudiation). The sender may also want to rely on the document that is received by the recipient.
Digital signature technology was developed primarily to authenticate the signer of the document and to ensure that the document remains unchanged when viewed by a recipient. Digital signatures are based on public key infrastructure (PKI) technology and use a combination of hashing and encryption to “encapsulate” the document in a form that proves unequivocally who has sent the document and that the document is exactly the same as the original.
At first glance, it appears that digital signatures are watertight, but the problem arises from the fact that the electronic document (e.g., a “.doc” file created by Microsoft Word™) is in computer format and cannot be read by the individual without the use of a “viewer” or word processing program. Different “viewer” or word processing programs or even different releases of the same program may display the document with changed characteristics. For instance, paragraph or line numbers may change, italics or bold may appear or disappear.
Consequently, documents that are digitally signed may look different and have a different meaning, when the recipient receives it. With the addition of the document potentially being subjected to malicious programs and hackers, the situation becomes more exasperated and complex.